This PR adds the documentation repository for the update-repository-version
verification.
Fixes#1027
Signed-off-by: Gabriela Cervantes <gabriela.cervantes.tellez@intel.com>
QEMU >= 4.0 is able to boot into the uncompressed kernel using the PVH
entry point, but to get this `CONFIG_PVH` must be enabled in the guest
kernel and `pvh.bin` installed in the host.
Booting uncompressed kernels in QEMU 5.0 can reduce the memory footprint,
~17% for KSM and ~15% nonKSM.
fixes#1029
Signed-off-by: Julio Montes <julio.montes@intel.com>
The config file created by kernel fragments scheme is quite different
with the old arm64_kata_kvm_5.4.x.
So I will update arm64_kata_kvm_5.4.x for consistency.
Fixes: #1004
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
kvm-ptp is critical for mitigating time drift between host and guest.
This implementation in kernel side is still one experimental feature on
aarch64, and see https://github.com/kata-containers/packaging/pull/998
for detailed instructions.
Fixes: #1004
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
Signed-off-by: Jianyong Wu <jianyong.wu@arm.com>
Since we disable pci shpc hotplug for arm64, see
https://github.com/kata-containers/packaging/pull/498 for detailed
reason.
We need to move CONFIG_HOTPLUG_PCI_SHPC from common conf to
x86_64-specific.
Fixes: #1004
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
Signed-off-by: Jianyong Wu <jianyong.wu@arm.com>
Backport Anshuman Khandual's patch series of Enabling memory hot
remove on aarch64(https://patchwork.kernel.org/cover/11419305/)
to v5.4.x.
XONE_DEVICE is dependent on the implementation of memory hot remove.
This patch series has already been merged, and queued for 5.7.
After backporting this series, we could finally enable nvdimm/dax
on arm64.
Fixes: #1004
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
Add a few arm64-specific configs and classify them into seven new categories
, that is,
1. base architecture-dependent options(base.conf)
It also includes varient-specific features, like CONFIG_ARM64_PMEM is
one ARMv8.2 arichitectural features.
2. crypto-related options(crypto.conf)
ARMv8 adds cryptographic instructions that could significantly improve
performance on tasks such as AES encryption and SHA1 and SHA256 hashing.
3. device tree related options(dt.conf)
The "Open Firmware Device Tree", or simply Device Tree (DT), is a data
structure and language for describing hardware, which is commonly
used in arm architecture.
4. ARM errata workarounds options(errata.conf)
There are many Kconfig entires under "Kernel Features" ->
"ARM errata workarounds via the alternatives framework", which provides
software workarounds to mitigate systems affected by those erratum.
Vendor-specific option will be left to users to decide.
5. pci related options(pci.conf)
a simplified pci host controller for mach-virt.
6. serial devices options(serial.conf)
CONFIG_SERIAL_OF_PLATFORM is used for all 8250 compatible serial ports
that are probed through device tree.
7. rtc related options(rtc.conf)
we don't have KVM’s paravirtualized clock and ptp implementation is
still under experimental mode, so we need rtc on aarch64.
QEMU provides an emulated ARM AMBA PrimeCell PL031 RTC.
Fixes: #1004
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
Compaction is the only memory management component to form high order
(larger physically contiguous) memory blocks reliably.
The page allocator relies on compaction heavily and the lack of the feature
can lead to unexpected OOM killer invocations for high order memory requests.
We shouldn't disable this option unless there really is a strong reason.
Fixes: #1004
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
mmio devices are required in firecracker, and for now, x86_64 and
aarch64 are all supporting kata containers with firecracker.
So, we need to move mmio-related configs to common dir.
Fixes: #1004
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
There exists a few security-related configs, which are x86-64 specific.
CONFIG_LEGACY_VSYSCALL_NONE=y
CONFIG_RETPOLINE=y
CONFIG_RELOCATABLE and CONFIG_RANDOMIZE_BASE are kinds of tangled on
aarch64, if CONFIG_RANDOMIZE_BASE=y, then CONFIG_RELOCATABLE will be
selected automatically.
CONFIG_RANDOMIZE_BASE will randomize the virtual address at which the
kernel image is loaded, which as a security feature could deter exploit
attempts relying on knowledge of the location of kernel internals.
Fixes: #1004
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
There exists a few configs about linux guest support or optimization
that are not supported on aarch64.
CONFIG_HYPERVISOR_GUEST is only defined under arch/x86/Kconfig and
unfortunately, CONFIG_KVM_GUEST is not supported on aarch64 for now.
Fixes: #1004
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
For now, a few configs as follows in common acpi dir are truly x86-spcecific
or disable by default on arm64.
CONFIG_ACPI_CPU_FREQ_PSS=y
CONFIG_ACPI_HOTPLUG_IOAPIC=y
CONFIG_ACPI_LEGACY_TABLES_LOOKUP
CONFIG_ACPI_LPIT=y
CONFIG_ARCH_MIGHT_HAVE_ACPI_PDC=y
CONFIG_ACPI_PROCESSOR_CSTATE=y
CONFIG_ACPI_SYSTEM_POWER_STATES_SUPPORT=y
CONFIG_HAVE_ACPI_APEI_NMI=y
And I also add a few configs which are aarch64-specific.
Like CONFIG_ACPI_REDUCED_HARDWARE_ONLY=y, since ARM64 can run properly
in ACPI hardware reduced mode.
Fixes: #1004
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
- release: Tag and fork documentation repo as part of release
- obs: let patch set in order before apply them
- scripts: Disable pie for qemu when static building
- kernel: Enable CONFIG_VIRTIO_PMEM for booting from pmem
- kernel: Fix patch ordering
- tests: Remove performing updates in Fedora dockerfile
- kata-deploy: fix k3s containerd check
- scripts: update configuration script to support QEMU 5.0
- obs: Update SLES version for packaging
- config: enable printk-time for kernel-5.4 for arm64
- actions: change trigger phrase for kata-deploy action
- kernel: enable virtio-fs for arm64.
- add kernel config for gpu
- Optimize the kata qemu binary size
- obs: Remove OpenSUSE Leap 15.0 from obs generation
- pod : optimization Some debian package manager tweaks
d271ee7 obs: let patch set in order before apply them
fbad186 kernel: Enable CONFIG_VIRTIO_PMEM for booting from pmem
652d1fd release: Tag and fork documentation repo as part of release
7e22144 scripts: Disable pie for qemu when static building
93da145 kernel: Fix patch ordering
59f7678 tests: Remove performing updates in Fedora dockerfiles
96f3b99 kata-deploy: fix k3s containerd check
fb42e38 scripts: update configuration script to support QEMU 5.0
9bdc51c obs: Update SLES version for packaging
32986db config: enable printk-time for kernel-5.4 for arm64
9b8f20c kernel: enable virtio-fs for arm64.
12d351d kernel: add usage in readme
1389500 kernel: support force setup
7a17b50 kernel: support bash debug
d248e41 kernel: support build guest kernel for gpu
cbfc7a1 obs: Remove OpenSUSE Leap 15.0 from obs generation
9a6bd12 debian: Install missing ca-certificates package
d527c4f debian: Don't install recommended software
3670074 scripts: Disable a few options to reduce qemu binary size on generic architectures
711eae6 scripts: Set --enable-pie on aarch64 arch
7cdf113 scripts: Relax the version limitation for qemu
0871391 scripts: Remove obsoleted --disable-uuid
878a223 scripts: Disable xen when builing qemu on generic architectures
e92f3db actions: change trigger phrase for kata-deploy action
Signed-off-by: Salvador Fuentes <salvador.fuentes@intel.com>
The enablement of ptp_kvm for arm is under review, see [1].
So we have to apply private patch to enable it in 5.4 kernel.
ptp_kvm can offer the capability of time sync in kata even there
is no network available and higher precision than time sync
service depend on network.
note:
If you want to use this feature on your arm machine, the host kernel
also need apply this patch. we recommend that your host kernel version
is the 5.4, then you can apply this patch smoothly.
[1] https://patchwork.kernel.org/cover/11372743/Fixes: #997
Signed-off-by: Jianyong Wu <jianyong.wu@arm.com>
obs ci for linuxcontainer will fail when apply patch set which have
dependency within. so patch set should be made in order before feed
to apply.
Fixes: #1015
Signed-off-by: Jianyong Wu <jianyong.wu@arm.com>
To support booting from pmem with cloud-hypervisor, we need to enable
the virtio-pmem in our kernel.
Fixes: #1013
Signed-off-by: Bo Chen <chen.bo@intel.com>
We should start maintaining stable branches for the documentation
repo similar to other repos.
Fixes#1007
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
--enable-pie is not compatible with --static option for qemu building.
Without this patch, it will report a configure error during static building:
ERROR: static and pie are mutually incompatible
Fixes: #982
Signed-off-by: Jia He <justin.he@arm.com>
Fix the `build-kernel.sh` script to sort patches correctly. Previously,
it relied on `find(1)` for the ordering. However, `find(1)` does not
guarantee any ordering of files within a directory. Since the ordering
could therefore be "random", it was quite possible for patches to be
applied in the wrong order, resulting in conflicts.
Fixes: #1003.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
For obs and running the packages testing in Fedora, we need to remove
the performing of doing an update as it is hit by
https://github.com/kata-containers/runtime/issues/2580. This is needed
to unblock the errors in the testing.
Fixes#1001
Signed-off-by: Gabriela Cervantes <gabriela.cervantes.tellez@intel.com>
The default k3s containerRuntimeVersion takes the form of:
containerd://1.3.3-k3s2
The awk was stripping away the k3s portion before checking if it was a
k3s containerd.
fixes#996
Signed-off-by: Brandon Wilson <brandon@coil.com>
Currently for our CI, we have SLES 15 SP1, this PR updates the current obs
version to match with our current testing.
Fixes#983
Signed-off-by: Gabriela Cervantes <gabriela.cervantes.tellez@intel.com>
This patch add patch file for virtio-fs-v0.3 kernel to enable memory hot
remove to let virtio-fs available on arm64. Also, kernel config file for
virtio-fs-v0.3x for arm64 is offered.
Fixes: #973
Signed-off-by: Jianyong Wu <jianyong.wu@arm.com>
Add option '-f' in build-kernel.sh to force the generation of .config
Signed-off-by: Jimmy Xu <junming.xjm@antfin.com>
n 请为您的变更输入提交说明。以 '#' 开始的行将被忽略,而一个空的提交
